While cloud is the word on every enterprise’s lips this year, the path to digital transformation is still a bumpy road, with visibility and insight issues that can hamper effectiveness, according to Ixia.
A recent Ixia study on virtualisation found that 37% of organisations monitored their virtual environments at the same level as their physical networks.
This lack of visibility might be a good tradeoff now, this will change if things go wrong, says Ixia VP of solutions marketing Jeff Harris.
“Most organisations cannot take that chance, so they need to bridge the visibility gap quickly. Visibility will enable better control, to maintain security no matter where their data goes and, of course, to ensure reliability of their core business applications,” Harris says.
While virtual network taps send traffic to monitoring, analytics and security tools to address the visibility gap, this can often result in data floods.
“Internal east-west traffic in virtual data centres typically represents 80 per cent of the total traffic. Finding a way to monitor this data without overloading the system is key. Companies need to identify and extract only the most relevant traffic, in an efficient manner,” Harris continues.
Ixia says there are four key areas to consider when deploying virtual taps. These areas can ensure meaningful and granular access to critical application traffic on virtualised networks.
Make sure virtual network taps can handle rapid growth in traffic volumes as well as user numbers and data interactions. Ideally the taps should automatically do these activities without IT intervention or an impact on application performance.
Securing in the dark
Often virtual firewalls segment virtualised networks for cyber protection. They also stop lateral movement in the virtualised environment that could compromise data or resources. Virtual taps must be able to see the traffic flowing between segments. This ensures appropriate security rules and policies that govern each segment are enforced.
Ixia says that container use will increase by as much as tenfold - or even more – as virtual machine usage grows. Virtual taps must be able to access traffic in those container environments, particularly if an organisation uses container-based virtualisation to boost application performance.
DevOps release new builds that spread across the virtual environment. Individual virtual machines, containers and applications now have shorter lifespans, which means organisations must remain continually aware of the actual environment state. Ixia says DevOps changes must not block the entire traffic path or take the virtual tap down with it.
“Virtual taps and the overall visibility solution must be environment-agnostic. Elastically-scalable access is achievable for all the data crossing virtual networks and clouds as well as intelligent distribution to analytics and compliance tools. Leaving data unmonitored is not smart business. Businesses do not have to give up visibility to gain cloud speed or cost advantages. With the right architecture they can have both,” Harris concludes.